FERPA and HIPAA Crossword

Edit Answers
1234567891011121314151617181920212223242526272829303132333435363738
Across
  1. 4. Financial consequences imposed on entities for failure to comply with HIPAA.
  2. 7. If school’s clinic only serves students and maintain its students record itself, then this act applies (choose HIPAA or FERPA) _____.
  3. 8. An agreement established between healthcare entities with third parties (trading partners) with whom they exchange health information to ensure the HIPAA compliance.
  4. 10. Identity badges worn by authorize personnel to access certain area is an example of _______ security measures.
  5. 11. Business ______ are persons, businesses or vendors that perform certain functions on behalf of healthcare providers.
  6. 13. Persons who believes that their right is violated under FERPA can file a _______ with Department of Education who will investigate the case.
  7. 14. Private and religious elementary and _______ schools are generally not subject to FERPA.
  8. 15. In case of health and safety _______, schools are permitted to disclose PII from education records.
  9. 17. In FERPA, Social Security Number and ______ are categorized as non-directory information.
  10. 20. Student’s _______ record maintained by a school nurse are considered part of student’s education records, thus protected from unauthorized disclosure.
  11. 21. Unless there is an outstanding request by an eligible student to inspect and review education records, FERPA ______ the school to destroy such records without notice to the student.
  12. 25. The ______ Rule of HIPAA sets limit and conditions on the use and disclosure of health information without patient authorization
  13. 27. An entity must make reasonable effort to use, disclose and request only the minimum amount of PHI needed to accomplish the purpose is called minimum _______ principle.
  14. 30. A legal standing that permits education institution to release education record for a law enforcement purpose without prior consent.
  15. 32. HIPAA allows the release of _______ data sets for public health, research, and other purposes after specific identifiers about the patient or household have been removed.
  16. 33. A method to protect electronic health information by removing specific identifiers about a patient or household that can identify a specific patient.
  17. 36. A technology to decode the PHI into unreadable form when transmitted or stored in a database.
  18. 37. To raise awareness, healthcare entities should provide ______ to their employees who interacts with health information on a regular basis.
  19. 38. FERPA final rules of 2008 does not dictate the technical steps to protect electronic data system, but offers standards from _______ as a reference to safeguard electronic records.
Down
  1. 1. In FERPA, prior to education record information disclosure, educational institutions must obtain written ______.
  2. 2. Under FERPA, schools are prohibited to ______ PII which derives from the educational records.
  3. 3. HIPAA is a _____ law that gives you the right to have your health information protected and limit who can have access to your health information.
  4. 5. Under FERPA, personal data that can be found in publicly available sources (yearbook, phonebook), such as name, address, e-mail, telephone number are classified as ______ information.
  5. 6. Title _____ of HIPAA is relevant to information security in which it provides national standards on electronically transferred health information.
  6. 9. Access Control is one of _________ safeguards to regulate access to electronic PHI.
  7. 12. Although FERPA prohibit nonconsensual disclosure of education records, it lists several condition under which the written permission are not required; this is called _______.
  8. 16. FERPA, which stands for_______ Educational Right & Privacy Act, is a law enacted in 1974 that governs the access of educational information and records.
  9. 18. A detailed document that gives entities permission to use protected health information for specified purposes or to disclose protected health information to a third party specified by an individual.
  10. 19. The term PHI in HIPAA refers to ________ health information
  11. 21. PII, which stands for ______ Identifiable Information is data that can identify a specific person/student.
  12. 22. In general, there are ______ titles within HIPAA to describe major domains regulated in the law.
  13. 23. A student who has reached the age of 18 or who is attending a postsecondary institution at any age is called a ________ student; the rights afforded his or her parents under FERPA transfer to that student.
  14. 24. In regards to data sharing, your health information data cannot be shared to other entities without your written ________
  15. 26. '______ entities’ is a terminology used in HIPAA to identify parties involved in the healthcare business, such as healthcare providers, insurance companies, health information clearinghouses, etc.
  16. 28. HIPAA stands for Health Insurance _____ and Accountability Act is established in 1996 to govern the health care marketplace.
  17. 29. Schools can provide health agencies with access to student health and other relevant data if the information does not contain _______.
  18. 31. A formal event/process to which education institution responds after receiving a request from the parent or eligible student challenging the student’s education records believed to be inaccurate, misleading, or in violation of the student’s privacy rights.
  19. 34. The _______ Rule of HIPPA requires technical and non-technical safeguards to keep Electronic Health Information safe.
  20. 35. FERPA applies to all educational agencies and institutions that receive ______ from the government which is administered by the Department of Education (DOE).
  21. 37. In case of unauthorized disclosure, under FERPA, education institution does not require notification to parents or eligible students, unless the disclosure is related to identity _______